diff options
Diffstat (limited to 'fs/ecryptfs/crypto.c')
-rw-r--r-- | fs/ecryptfs/crypto.c | 427 |
1 files changed, 235 insertions, 192 deletions
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index e3d2118fafad..7f788ea5da2b 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c | |||
@@ -467,8 +467,91 @@ out: | |||
467 | } | 467 | } |
468 | 468 | ||
469 | /** | 469 | /** |
470 | * ecryptfs_lower_offset_for_extent | ||
471 | * | ||
472 | * Convert an eCryptfs page index into a lower byte offset | ||
473 | */ | ||
474 | void ecryptfs_lower_offset_for_extent(loff_t *offset, loff_t extent_num, | ||
475 | struct ecryptfs_crypt_stat *crypt_stat) | ||
476 | { | ||
477 | (*offset) = ((crypt_stat->extent_size | ||
478 | * crypt_stat->num_header_extents_at_front) | ||
479 | + (crypt_stat->extent_size * extent_num)); | ||
480 | } | ||
481 | |||
482 | /** | ||
483 | * ecryptfs_encrypt_extent | ||
484 | * @enc_extent_page: Allocated page into which to encrypt the data in | ||
485 | * @page | ||
486 | * @crypt_stat: crypt_stat containing cryptographic context for the | ||
487 | * encryption operation | ||
488 | * @page: Page containing plaintext data extent to encrypt | ||
489 | * @extent_offset: Page extent offset for use in generating IV | ||
490 | * | ||
491 | * Encrypts one extent of data. | ||
492 | * | ||
493 | * Return zero on success; non-zero otherwise | ||
494 | */ | ||
495 | static int ecryptfs_encrypt_extent(struct page *enc_extent_page, | ||
496 | struct ecryptfs_crypt_stat *crypt_stat, | ||
497 | struct page *page, | ||
498 | unsigned long extent_offset) | ||
499 | { | ||
500 | unsigned long extent_base; | ||
501 | char extent_iv[ECRYPTFS_MAX_IV_BYTES]; | ||
502 | int rc; | ||
503 | |||
504 | extent_base = (page->index | ||
505 | * (PAGE_CACHE_SIZE / crypt_stat->extent_size)); | ||
506 | rc = ecryptfs_derive_iv(extent_iv, crypt_stat, | ||
507 | (extent_base + extent_offset)); | ||
508 | if (rc) { | ||
509 | ecryptfs_printk(KERN_ERR, "Error attempting to " | ||
510 | "derive IV for extent [0x%.16x]; " | ||
511 | "rc = [%d]\n", (extent_base + extent_offset), | ||
512 | rc); | ||
513 | goto out; | ||
514 | } | ||
515 | if (unlikely(ecryptfs_verbosity > 0)) { | ||
516 | ecryptfs_printk(KERN_DEBUG, "Encrypting extent " | ||
517 | "with iv:\n"); | ||
518 | ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); | ||
519 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " | ||
520 | "encryption:\n"); | ||
521 | ecryptfs_dump_hex((char *) | ||
522 | (page_address(page) | ||
523 | + (extent_offset * crypt_stat->extent_size)), | ||
524 | 8); | ||
525 | } | ||
526 | rc = ecryptfs_encrypt_page_offset(crypt_stat, enc_extent_page, 0, | ||
527 | page, (extent_offset | ||
528 | * crypt_stat->extent_size), | ||
529 | crypt_stat->extent_size, extent_iv); | ||
530 | if (rc < 0) { | ||
531 | printk(KERN_ERR "%s: Error attempting to encrypt page with " | ||
532 | "page->index = [%ld], extent_offset = [%ld]; " | ||
533 | "rc = [%d]\n", __FUNCTION__, page->index, extent_offset, | ||
534 | rc); | ||
535 | goto out; | ||
536 | } | ||
537 | rc = 0; | ||
538 | if (unlikely(ecryptfs_verbosity > 0)) { | ||
539 | ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; " | ||
540 | "rc = [%d]\n", (extent_base + extent_offset), | ||
541 | rc); | ||
542 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " | ||
543 | "encryption:\n"); | ||
544 | ecryptfs_dump_hex((char *)(page_address(enc_extent_page)), 8); | ||
545 | } | ||
546 | out: | ||
547 | return rc; | ||
548 | } | ||
549 | |||
550 | /** | ||
470 | * ecryptfs_encrypt_page | 551 | * ecryptfs_encrypt_page |
471 | * @ctx: The context of the page | 552 | * @page: Page mapped from the eCryptfs inode for the file; contains |
553 | * decrypted content that needs to be encrypted (to a temporary | ||
554 | * page; not in place) and written out to the lower file | ||
472 | * | 555 | * |
473 | * Encrypt an eCryptfs page. This is done on a per-extent basis. Note | 556 | * Encrypt an eCryptfs page. This is done on a per-extent basis. Note |
474 | * that eCryptfs pages may straddle the lower pages -- for instance, | 557 | * that eCryptfs pages may straddle the lower pages -- for instance, |
@@ -478,128 +561,121 @@ out: | |||
478 | * file, 24K of page 0 of the lower file will be read and decrypted, | 561 | * file, 24K of page 0 of the lower file will be read and decrypted, |
479 | * and then 8K of page 1 of the lower file will be read and decrypted. | 562 | * and then 8K of page 1 of the lower file will be read and decrypted. |
480 | * | 563 | * |
481 | * The actual operations performed on each page depends on the | ||
482 | * contents of the ecryptfs_page_crypt_context struct. | ||
483 | * | ||
484 | * Returns zero on success; negative on error | 564 | * Returns zero on success; negative on error |
485 | */ | 565 | */ |
486 | int ecryptfs_encrypt_page(struct ecryptfs_page_crypt_context *ctx) | 566 | int ecryptfs_encrypt_page(struct page *page) |
487 | { | 567 | { |
488 | char extent_iv[ECRYPTFS_MAX_IV_BYTES]; | 568 | struct inode *ecryptfs_inode; |
489 | unsigned long base_extent; | ||
490 | unsigned long extent_offset = 0; | ||
491 | unsigned long lower_page_idx = 0; | ||
492 | unsigned long prior_lower_page_idx = 0; | ||
493 | struct page *lower_page; | ||
494 | struct inode *lower_inode; | ||
495 | struct ecryptfs_inode_info *inode_info; | ||
496 | struct ecryptfs_crypt_stat *crypt_stat; | 569 | struct ecryptfs_crypt_stat *crypt_stat; |
570 | char *enc_extent_virt = NULL; | ||
571 | struct page *enc_extent_page; | ||
572 | loff_t extent_offset; | ||
497 | int rc = 0; | 573 | int rc = 0; |
498 | int lower_byte_offset = 0; | 574 | |
499 | int orig_byte_offset = 0; | 575 | ecryptfs_inode = page->mapping->host; |
500 | int num_extents_per_page; | 576 | crypt_stat = |
501 | #define ECRYPTFS_PAGE_STATE_UNREAD 0 | 577 | &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); |
502 | #define ECRYPTFS_PAGE_STATE_READ 1 | ||
503 | #define ECRYPTFS_PAGE_STATE_MODIFIED 2 | ||
504 | #define ECRYPTFS_PAGE_STATE_WRITTEN 3 | ||
505 | int page_state; | ||
506 | |||
507 | lower_inode = ecryptfs_inode_to_lower(ctx->page->mapping->host); | ||
508 | inode_info = ecryptfs_inode_to_private(ctx->page->mapping->host); | ||
509 | crypt_stat = &inode_info->crypt_stat; | ||
510 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { | 578 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
511 | rc = ecryptfs_copy_page_to_lower(ctx->page, lower_inode, | 579 | rc = ecryptfs_write_lower_page_segment(ecryptfs_inode, page, |
512 | ctx->param.lower_file); | 580 | 0, PAGE_CACHE_SIZE); |
513 | if (rc) | 581 | if (rc) |
514 | ecryptfs_printk(KERN_ERR, "Error attempting to copy " | 582 | printk(KERN_ERR "%s: Error attempting to copy " |
515 | "page at index [0x%.16x]\n", | 583 | "page at index [%ld]\n", __FUNCTION__, |
516 | ctx->page->index); | 584 | page->index); |
517 | goto out; | 585 | goto out; |
518 | } | 586 | } |
519 | num_extents_per_page = PAGE_CACHE_SIZE / crypt_stat->extent_size; | 587 | enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); |
520 | base_extent = (ctx->page->index * num_extents_per_page); | 588 | if (!enc_extent_virt) { |
521 | page_state = ECRYPTFS_PAGE_STATE_UNREAD; | 589 | rc = -ENOMEM; |
522 | while (extent_offset < num_extents_per_page) { | 590 | ecryptfs_printk(KERN_ERR, "Error allocating memory for " |
523 | ecryptfs_extent_to_lwr_pg_idx_and_offset( | 591 | "encrypted extent\n"); |
524 | &lower_page_idx, &lower_byte_offset, crypt_stat, | 592 | goto out; |
525 | (base_extent + extent_offset)); | 593 | } |
526 | if (prior_lower_page_idx != lower_page_idx | 594 | enc_extent_page = virt_to_page(enc_extent_virt); |
527 | && page_state == ECRYPTFS_PAGE_STATE_MODIFIED) { | 595 | for (extent_offset = 0; |
528 | rc = ecryptfs_write_out_page(ctx, lower_page, | 596 | extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); |
529 | lower_inode, | 597 | extent_offset++) { |
530 | orig_byte_offset, | 598 | loff_t offset; |
531 | (PAGE_CACHE_SIZE | 599 | |
532 | - orig_byte_offset)); | 600 | rc = ecryptfs_encrypt_extent(enc_extent_page, crypt_stat, page, |
533 | if (rc) { | 601 | extent_offset); |
534 | ecryptfs_printk(KERN_ERR, "Error attempting " | ||
535 | "to write out page; rc = [%d]" | ||
536 | "\n", rc); | ||
537 | goto out; | ||
538 | } | ||
539 | page_state = ECRYPTFS_PAGE_STATE_WRITTEN; | ||
540 | } | ||
541 | if (page_state == ECRYPTFS_PAGE_STATE_UNREAD | ||
542 | || page_state == ECRYPTFS_PAGE_STATE_WRITTEN) { | ||
543 | rc = ecryptfs_read_in_page(ctx, &lower_page, | ||
544 | lower_inode, lower_page_idx, | ||
545 | lower_byte_offset); | ||
546 | if (rc) { | ||
547 | ecryptfs_printk(KERN_ERR, "Error attempting " | ||
548 | "to read in lower page with " | ||
549 | "index [0x%.16x]; rc = [%d]\n", | ||
550 | lower_page_idx, rc); | ||
551 | goto out; | ||
552 | } | ||
553 | orig_byte_offset = lower_byte_offset; | ||
554 | prior_lower_page_idx = lower_page_idx; | ||
555 | page_state = ECRYPTFS_PAGE_STATE_READ; | ||
556 | } | ||
557 | BUG_ON(!(page_state == ECRYPTFS_PAGE_STATE_MODIFIED | ||
558 | || page_state == ECRYPTFS_PAGE_STATE_READ)); | ||
559 | rc = ecryptfs_derive_iv(extent_iv, crypt_stat, | ||
560 | (base_extent + extent_offset)); | ||
561 | if (rc) { | 602 | if (rc) { |
562 | ecryptfs_printk(KERN_ERR, "Error attempting to " | 603 | printk(KERN_ERR "%s: Error encrypting extent; " |
563 | "derive IV for extent [0x%.16x]; " | 604 | "rc = [%d]\n", __FUNCTION__, rc); |
564 | "rc = [%d]\n", | ||
565 | (base_extent + extent_offset), rc); | ||
566 | goto out; | 605 | goto out; |
567 | } | 606 | } |
568 | if (unlikely(ecryptfs_verbosity > 0)) { | 607 | ecryptfs_lower_offset_for_extent( |
569 | ecryptfs_printk(KERN_DEBUG, "Encrypting extent " | 608 | &offset, ((page->index * (PAGE_CACHE_SIZE |
570 | "with iv:\n"); | 609 | / crypt_stat->extent_size)) |
571 | ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); | 610 | + extent_offset), crypt_stat); |
572 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " | 611 | rc = ecryptfs_write_lower(ecryptfs_inode, enc_extent_virt, |
573 | "encryption:\n"); | 612 | offset, crypt_stat->extent_size); |
574 | ecryptfs_dump_hex((char *) | 613 | if (rc) { |
575 | (page_address(ctx->page) | 614 | ecryptfs_printk(KERN_ERR, "Error attempting " |
576 | + (extent_offset | 615 | "to write lower page; rc = [%d]" |
577 | * crypt_stat->extent_size)), 8); | 616 | "\n", rc); |
578 | } | 617 | goto out; |
579 | rc = ecryptfs_encrypt_page_offset( | ||
580 | crypt_stat, lower_page, lower_byte_offset, ctx->page, | ||
581 | (extent_offset * crypt_stat->extent_size), | ||
582 | crypt_stat->extent_size, extent_iv); | ||
583 | ecryptfs_printk(KERN_DEBUG, "Encrypt extent [0x%.16x]; " | ||
584 | "rc = [%d]\n", | ||
585 | (base_extent + extent_offset), rc); | ||
586 | if (unlikely(ecryptfs_verbosity > 0)) { | ||
587 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " | ||
588 | "encryption:\n"); | ||
589 | ecryptfs_dump_hex((char *)(page_address(lower_page) | ||
590 | + lower_byte_offset), 8); | ||
591 | } | 618 | } |
592 | page_state = ECRYPTFS_PAGE_STATE_MODIFIED; | ||
593 | extent_offset++; | 619 | extent_offset++; |
594 | } | 620 | } |
595 | BUG_ON(orig_byte_offset != 0); | 621 | out: |
596 | rc = ecryptfs_write_out_page(ctx, lower_page, lower_inode, 0, | 622 | kfree(enc_extent_virt); |
597 | (lower_byte_offset | 623 | return rc; |
598 | + crypt_stat->extent_size)); | 624 | } |
625 | |||
626 | static int ecryptfs_decrypt_extent(struct page *page, | ||
627 | struct ecryptfs_crypt_stat *crypt_stat, | ||
628 | struct page *enc_extent_page, | ||
629 | unsigned long extent_offset) | ||
630 | { | ||
631 | unsigned long extent_base; | ||
632 | char extent_iv[ECRYPTFS_MAX_IV_BYTES]; | ||
633 | int rc; | ||
634 | |||
635 | extent_base = (page->index | ||
636 | * (PAGE_CACHE_SIZE / crypt_stat->extent_size)); | ||
637 | rc = ecryptfs_derive_iv(extent_iv, crypt_stat, | ||
638 | (extent_base + extent_offset)); | ||
599 | if (rc) { | 639 | if (rc) { |
600 | ecryptfs_printk(KERN_ERR, "Error attempting to write out " | 640 | ecryptfs_printk(KERN_ERR, "Error attempting to " |
601 | "page; rc = [%d]\n", rc); | 641 | "derive IV for extent [0x%.16x]; " |
602 | goto out; | 642 | "rc = [%d]\n", (extent_base + extent_offset), |
643 | rc); | ||
644 | goto out; | ||
645 | } | ||
646 | if (unlikely(ecryptfs_verbosity > 0)) { | ||
647 | ecryptfs_printk(KERN_DEBUG, "Decrypting extent " | ||
648 | "with iv:\n"); | ||
649 | ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); | ||
650 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " | ||
651 | "decryption:\n"); | ||
652 | ecryptfs_dump_hex((char *) | ||
653 | (page_address(enc_extent_page) | ||
654 | + (extent_offset * crypt_stat->extent_size)), | ||
655 | 8); | ||
656 | } | ||
657 | rc = ecryptfs_decrypt_page_offset(crypt_stat, page, | ||
658 | (extent_offset | ||
659 | * crypt_stat->extent_size), | ||
660 | enc_extent_page, 0, | ||
661 | crypt_stat->extent_size, extent_iv); | ||
662 | if (rc < 0) { | ||
663 | printk(KERN_ERR "%s: Error attempting to decrypt to page with " | ||
664 | "page->index = [%ld], extent_offset = [%ld]; " | ||
665 | "rc = [%d]\n", __FUNCTION__, page->index, extent_offset, | ||
666 | rc); | ||
667 | goto out; | ||
668 | } | ||
669 | rc = 0; | ||
670 | if (unlikely(ecryptfs_verbosity > 0)) { | ||
671 | ecryptfs_printk(KERN_DEBUG, "Decrypt extent [0x%.16x]; " | ||
672 | "rc = [%d]\n", (extent_base + extent_offset), | ||
673 | rc); | ||
674 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " | ||
675 | "decryption:\n"); | ||
676 | ecryptfs_dump_hex((char *)(page_address(page) | ||
677 | + (extent_offset | ||
678 | * crypt_stat->extent_size)), 8); | ||
603 | } | 679 | } |
604 | out: | 680 | out: |
605 | return rc; | 681 | return rc; |
@@ -607,8 +683,9 @@ out: | |||
607 | 683 | ||
608 | /** | 684 | /** |
609 | * ecryptfs_decrypt_page | 685 | * ecryptfs_decrypt_page |
610 | * @file: The ecryptfs file | 686 | * @page: Page mapped from the eCryptfs inode for the file; data read |
611 | * @page: The page in ecryptfs to decrypt | 687 | * and decrypted from the lower file will be written into this |
688 | * page | ||
612 | * | 689 | * |
613 | * Decrypt an eCryptfs page. This is done on a per-extent basis. Note | 690 | * Decrypt an eCryptfs page. This is done on a per-extent basis. Note |
614 | * that eCryptfs pages may straddle the lower pages -- for instance, | 691 | * that eCryptfs pages may straddle the lower pages -- for instance, |
@@ -620,103 +697,69 @@ out: | |||
620 | * | 697 | * |
621 | * Returns zero on success; negative on error | 698 | * Returns zero on success; negative on error |
622 | */ | 699 | */ |
623 | int ecryptfs_decrypt_page(struct file *file, struct page *page) | 700 | int ecryptfs_decrypt_page(struct page *page) |
624 | { | 701 | { |
625 | char extent_iv[ECRYPTFS_MAX_IV_BYTES]; | 702 | struct inode *ecryptfs_inode; |
626 | unsigned long base_extent; | ||
627 | unsigned long extent_offset = 0; | ||
628 | unsigned long lower_page_idx = 0; | ||
629 | unsigned long prior_lower_page_idx = 0; | ||
630 | struct page *lower_page; | ||
631 | char *lower_page_virt = NULL; | ||
632 | struct inode *lower_inode; | ||
633 | struct ecryptfs_crypt_stat *crypt_stat; | 703 | struct ecryptfs_crypt_stat *crypt_stat; |
704 | char *enc_extent_virt = NULL; | ||
705 | struct page *enc_extent_page; | ||
706 | unsigned long extent_offset; | ||
634 | int rc = 0; | 707 | int rc = 0; |
635 | int byte_offset; | ||
636 | int num_extents_per_page; | ||
637 | int page_state; | ||
638 | 708 | ||
639 | crypt_stat = &(ecryptfs_inode_to_private( | 709 | ecryptfs_inode = page->mapping->host; |
640 | page->mapping->host)->crypt_stat); | 710 | crypt_stat = |
641 | lower_inode = ecryptfs_inode_to_lower(page->mapping->host); | 711 | &(ecryptfs_inode_to_private(ecryptfs_inode)->crypt_stat); |
642 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { | 712 | if (!(crypt_stat->flags & ECRYPTFS_ENCRYPTED)) { |
643 | rc = ecryptfs_do_readpage(file, page, page->index); | 713 | rc = ecryptfs_read_lower_page_segment(page, page->index, 0, |
714 | PAGE_CACHE_SIZE, | ||
715 | ecryptfs_inode); | ||
644 | if (rc) | 716 | if (rc) |
645 | ecryptfs_printk(KERN_ERR, "Error attempting to copy " | 717 | printk(KERN_ERR "%s: Error attempting to copy " |
646 | "page at index [0x%.16x]\n", | 718 | "page at index [%ld]\n", __FUNCTION__, |
647 | page->index); | 719 | page->index); |
648 | goto out; | 720 | goto out_clear_uptodate; |
649 | } | 721 | } |
650 | num_extents_per_page = PAGE_CACHE_SIZE / crypt_stat->extent_size; | 722 | enc_extent_virt = kmalloc(PAGE_CACHE_SIZE, GFP_USER); |
651 | base_extent = (page->index * num_extents_per_page); | 723 | if (!enc_extent_virt) { |
652 | lower_page_virt = kmem_cache_alloc(ecryptfs_lower_page_cache, | ||
653 | GFP_KERNEL); | ||
654 | if (!lower_page_virt) { | ||
655 | rc = -ENOMEM; | 724 | rc = -ENOMEM; |
656 | ecryptfs_printk(KERN_ERR, "Error getting page for encrypted " | 725 | ecryptfs_printk(KERN_ERR, "Error allocating memory for " |
657 | "lower page(s)\n"); | 726 | "encrypted extent\n"); |
658 | goto out; | 727 | goto out_clear_uptodate; |
659 | } | 728 | } |
660 | lower_page = virt_to_page(lower_page_virt); | 729 | enc_extent_page = virt_to_page(enc_extent_virt); |
661 | page_state = ECRYPTFS_PAGE_STATE_UNREAD; | 730 | for (extent_offset = 0; |
662 | while (extent_offset < num_extents_per_page) { | 731 | extent_offset < (PAGE_CACHE_SIZE / crypt_stat->extent_size); |
663 | ecryptfs_extent_to_lwr_pg_idx_and_offset( | 732 | extent_offset++) { |
664 | &lower_page_idx, &byte_offset, crypt_stat, | 733 | loff_t offset; |
665 | (base_extent + extent_offset)); | 734 | |
666 | if (prior_lower_page_idx != lower_page_idx | 735 | ecryptfs_lower_offset_for_extent( |
667 | || page_state == ECRYPTFS_PAGE_STATE_UNREAD) { | 736 | &offset, ((page->index * (PAGE_CACHE_SIZE |
668 | rc = ecryptfs_do_readpage(file, lower_page, | 737 | / crypt_stat->extent_size)) |
669 | lower_page_idx); | 738 | + extent_offset), crypt_stat); |
670 | if (rc) { | 739 | rc = ecryptfs_read_lower(enc_extent_virt, offset, |
671 | ecryptfs_printk(KERN_ERR, "Error reading " | 740 | crypt_stat->extent_size, |
672 | "lower encrypted page; rc = " | 741 | ecryptfs_inode); |
673 | "[%d]\n", rc); | ||
674 | goto out; | ||
675 | } | ||
676 | prior_lower_page_idx = lower_page_idx; | ||
677 | page_state = ECRYPTFS_PAGE_STATE_READ; | ||
678 | } | ||
679 | rc = ecryptfs_derive_iv(extent_iv, crypt_stat, | ||
680 | (base_extent + extent_offset)); | ||
681 | if (rc) { | 742 | if (rc) { |
682 | ecryptfs_printk(KERN_ERR, "Error attempting to " | 743 | ecryptfs_printk(KERN_ERR, "Error attempting " |
683 | "derive IV for extent [0x%.16x]; rc = " | 744 | "to read lower page; rc = [%d]" |
684 | "[%d]\n", | 745 | "\n", rc); |
685 | (base_extent + extent_offset), rc); | 746 | goto out_clear_uptodate; |
686 | goto out; | ||
687 | } | ||
688 | if (unlikely(ecryptfs_verbosity > 0)) { | ||
689 | ecryptfs_printk(KERN_DEBUG, "Decrypting extent " | ||
690 | "with iv:\n"); | ||
691 | ecryptfs_dump_hex(extent_iv, crypt_stat->iv_bytes); | ||
692 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes before " | ||
693 | "decryption:\n"); | ||
694 | ecryptfs_dump_hex((lower_page_virt + byte_offset), 8); | ||
695 | } | 747 | } |
696 | rc = ecryptfs_decrypt_page_offset(crypt_stat, page, | 748 | rc = ecryptfs_decrypt_extent(page, crypt_stat, enc_extent_page, |
697 | (extent_offset | 749 | extent_offset); |
698 | * crypt_stat->extent_size), | 750 | if (rc) { |
699 | lower_page, byte_offset, | 751 | printk(KERN_ERR "%s: Error encrypting extent; " |
700 | crypt_stat->extent_size, | 752 | "rc = [%d]\n", __FUNCTION__, rc); |
701 | extent_iv); | 753 | goto out_clear_uptodate; |
702 | if (rc != crypt_stat->extent_size) { | ||
703 | ecryptfs_printk(KERN_ERR, "Error attempting to " | ||
704 | "decrypt extent [0x%.16x]\n", | ||
705 | (base_extent + extent_offset)); | ||
706 | goto out; | ||
707 | } | ||
708 | rc = 0; | ||
709 | if (unlikely(ecryptfs_verbosity > 0)) { | ||
710 | ecryptfs_printk(KERN_DEBUG, "First 8 bytes after " | ||
711 | "decryption:\n"); | ||
712 | ecryptfs_dump_hex((char *)(page_address(page) | ||
713 | + byte_offset), 8); | ||
714 | } | 754 | } |
715 | extent_offset++; | 755 | extent_offset++; |
716 | } | 756 | } |
757 | SetPageUptodate(page); | ||
758 | goto out; | ||
759 | out_clear_uptodate: | ||
760 | ClearPageUptodate(page); | ||
717 | out: | 761 | out: |
718 | if (lower_page_virt) | 762 | kfree(enc_extent_virt); |
719 | kmem_cache_free(ecryptfs_lower_page_cache, lower_page_virt); | ||
720 | return rc; | 763 | return rc; |
721 | } | 764 | } |
722 | 765 | ||